Security for Dummies

security tips and tricks

3 facts from one source

I have mentioned several times here and here we all need password manager. These three posts in the ITFacts strongly support my words. My statement is clear – we need password manager software. I suggest using portable one

63% of Americans use roughly the same password for different online accounts
63% of Americans admit to using the same password or a variation of it for all or most of their online accounts. 6.7% use a variation of a familiar password for most of their online accounts. 22.9% use the same password for most of their online accounts. 3.5% use the same password for all their online accounts.

66% of US employees write down passwords in unsafe places
US workers, managers, and IT staffs alike are increasingly confronted with difficulties arising from computer passwords. Over half of all respondents said the average employee in their firms are required to remember three to five passwords, with an additional 26% saying the number ranges from six to ten or more. 49% responded that employees are required to use passwords more than 25 times per week, with 8% stating the number of password uses exceed 100 per week. 66% stated that employees write down or store passwords in unsafe places, creating a security problem for their companies. 48% of responding IT professionals are actively seeking a reliable password management solution. While 79% of those taking the survey report that security is their number one password management concern, 39% also reported Lost Employee Productivity or Frustration as an issue. In addition, 31% said that helpdesk hours are either lost or spent in frustration by support personnel.

Only 14% of business users use a different password for each site
14% of the business users use a unique password for each site. 41% use the same password all the time, while the remaining 45% use “a few” different passwords.

July 13, 2008 Posted by | passwords, Security, Security Threats | , | 1 Comment

Back to passwords

Yes, we have lots of passwords – bank accounts, e-mails, computers, domains, instant messengers, you name it – and we need them all. We may forget them and we do. I am not talking about those who have only one password for all, they are just not aware of risks. Regular PC user needs at least 10 passwords.
I think that we all agree that we need a Password Manager. The only question is which one to chose.

What to Look for in Password Management Software
Password management software should be easy to use and useful to the most inexperienced computer user. It should also be secure enough to keep hackers out and passwords safe. These are the criteria that one shall consider when selecting a best suitable solution for his money:
• Feature Set – The best password management software provides applications and tools to help manage passwords and login information. This may include saving personal data or credit card information, program functions like web site launching capabilities. Automatic capture and filling of forms shall be of highest priority.
• Ease of Use – Password management programs should be easy to program and manage, even for computer novices.
• Portability – The ability to launch application and to save records to a removable device. Alternatively a web access to the stored passwords can be used
• Security – Most importantly, the software should provide password security to its user. Passwords shall be kept encrypted. User shall have an opportunity to make backups of saved information and generate passwords with encryption algorithms.
From the whole range of password managers only two answer these requirements:

RoboForm2Go – a popular one and
n-Pass2Go – the best one
Get it from CNET Download.com!

Alternative mode of operation, as I have mentioned already, is to store passwords online and access them from any computer. This novel approach deserves more attention.
First and most interesting IMHO is a Clipperz. Good – smart design, good idea, Ajax. Drawbacks –rather complicated operation. My personal concern is also about keeping all my passwords somewhere online. Even assuming that staff cannot access and decrypt my files, it can be done by hackers with brute force attack. And in case that I forget the master password – all gone.

Then, I would like to mention Passpack. Another nice and fast developing tool. It fills passwords automatically from the Ajax window. The same minor concern – keeping passwords, a most valuable information online. I personally will use it for some accounts not containing information on bank accounts, credit cards and social security.

The last one, myVidoop.com, was suggested by Kevin Fox in his comment to one of the previous posts. An interesting idea of replacement of master password with image categories was implemented there. Major drawback to my oppinion is a lack of portability. I mean that you need to install plug-in to enable automatic form filling. This is impossible when you are working on public computer or at work.

I am going to continue writing on password managers. Keep reading or subscribe to RSS

July 8, 2008 Posted by | passwords | , , | 4 Comments

A review of fingerprint security device

Miguele Fernandez, a founder of Extrememhz.com has tested and reviewed the n-Tegrity – Fingerprint protected personal data manager.

“…Very few products that come in for review are not only impressive and feature-rich enough to spend a considerable amount of extra time evaluating, but few are designed with such unique functionality that they end up being a pleasure to use.  The n-Tegrity Pro from the talented folks at n-Trance is one if these rare products that will certainly impress.  After having the pleasure of spending countless hours discovering and testing its somewhat endless array of features, this biometric flash drive is certainly in a class of its own and not to be mistaken as “just another flash drive”…

 …it is the first product I have found that allows RDC connections via your fingerprint… 

…Folks, the best way I can describe this product is that it is one that will provide ultimate peace of mind thanks to its highly unique features which will basically provide you with your own secured working environment, regardless of what PC you plug this little beast in… With that said, the n-Tegrity Pro earns our very highest recommendation and “Extreme Excellence Award…”

Full text of review can be found here

July 3, 2008 Posted by | Encryption, passwords, Security | , , | Leave a comment